PHP 7.1.x < 7.1.28, 7.2.x < 7.2.17, 7.3.x < 7.3.4 Multiple Vulnerabilities - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Internet Bug Bounty: linkinfo - openbasedir bypass on Windows PHP

Upstream bug - windows linkinfo lacks openbasedir check === https://bugs.php.net/bug.php?id=76459 Summary == Description: ------------ linkinfo function on windows doesn't implement openbasedir check, it can be seen by reviewing the source code. This could be abused to find files on paths outside...

XOS Shop 1.0 rc7o (redirect.php, goto param) - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: XOS Shopv1.0rc7o Sql Injection Vulnerability Date: 23/01/2014 Exploit Author: JoKeRStEx Vendor Homepage: http://www.xos-shop.com/ Software Link: http://xos-shop.com/main/index.php/cPath/25/ Version: v1.0 rc7o Tested on: Windows...

NolaPro Enterprise 4.0.5538 Cross Site Scripting / SQL Injection

Advisory : CORELAN-10-035 Disclosure date : May 1st, 2010 http://www.corelan.be:8800/advisories.php?id=CORELAN-10-035 00 : Vulnerability information Product : NolaPro Enterprise Version : 4.0.5538 Vendor : Noguska LLC URL : http://www.nolapro.com Platform : Windows PHP/MySQL Type of vulnerabiliti...